Haitham Gad, AWS Developer in San Diego, United States
Haitham Gad

AWS Developer in San Diego, United States

Member since July 15, 2022
Haitham is a technical leader with over 15 years of experience building products and services for several enterprises. Before starting his AWS consultancy, he spent over five years at AWS, where he helped build Amazon GuardDuty, AWS's intelligent threat detection, and security monitoring service. His work was instrumental in accelerating GuardDuty's adoption by thousands of AWS customers like Snap, HBO Max, Siemens, Volkswagen, and Southwest Airlines.
Haitham is now available for hire

Portfolio

Experience

Location

San Diego, United States

Availability

Part-time

Preferred Environment

Python, Node.js, Amazon Web Services (AWS), Serverless Architecture, Cloud Security

The most amazing...

...thing I've built is Amazon GuardDuty, AWS's intelligent cloud threat detection service, which was quickly adopted by the majority of big-name AWS customers.

Employment

  • Independent AWS Consultant

    2022 - PRESENT
    Rehashly
    • Ran an AWS cloud consultancy to help clients build resilient, secure, and cost-optimized solutions on AWS.
    • Helped a client build their SOC program by analyzing their system, filling gaps in logging and monitoring, writing incident response runbooks, and training the development team on secure coding and AWS security best practices.
    • Bootstrapped the organization's AWS cloud infrastructure by building an AWS Control Tower landing zone and connecting their Google Workspace identities to AWS SSO. Also helped them establish security best practices.
    • Performed forensic investigation for a security incident where a client lost access to some production S3 buckets. Gave the client detailed advice on how they should proceed from there to mitigate the incident and make sure it doesn't happen again.
    • Assisted a client in the medical field to build a HIPAA-compliant network and data security infrastructure and set up a process for continuously monitoring and remediating compliance-related security controls.
    Technologies: Node.js, Python, Amazon Web Services (AWS), Web Security, Cloud Security, Security Testing, Secure Coding, Web App Security, Security Audits, MongoDB, Infrastructure as Code (IaC), AWS Cloud Development, AWS CloudFormation, Back-end Development, Back-end, Functional Programming, DevOps, AWS DevOps, Architecture, OpenAPI, Swagger, OAuth 2, JSON, JSON Web Tokens (JWT), PostgreSQL, Jinja, React, HTML, CSS, Flask, REST APIs, NoSQL, MySQL, SQL, Next.js, Full-stack, Full-stack Development, Technical Leadership, Terraform, Identity & Access Management (IAM), DevSecOps, Boto 3, Google Cloud Platform (GCP), Software Design, API Integration, Integration, CI/CD Pipelines, Git, GraphQL, Cloud Platforms, Engineering, Go, IT Security, Leadership, Requirements Analysis, Technical Project Management, Postman, Prototyping, Docker, Data Modeling, Amazon CloudFront CDN
  • Software Development Engineer

    2016 - 2022
    Amazon Web Services (AWS)
    • Built, launched, and helped grow Amazon GuardDuty into an indispensable tool for security operations teams looking to secure their businesses' AWS workloads. GuardDuty is AWS's intelligent threat detection and security monitoring service.
    • Worked closely with leadership on planning feature roadmaps, prioritizing customer requests, scoping, estimating, and tracking projects, and addressing high-urgency escalations.
    • Helped architect and build several high-throughput scalable back-end microservices with strict reliability and security requirements, each processing billions of events daily.
    • Built some of GuardDuty's high-value security detections end-to-end, from ideation, working with a cross-functional team of product managers, applied scientists, and security engineers, prototyping, testing, operationalization, and launch.
    • Led the design and implementation of GuardDuty's multi-account functionality, simplifying GuardDuty's usability across member accounts of an AWS organization. This feature was instrumental in accelerating GuardDuty's adoption by many AWS customers.
    • Pioneered the technical design and evolution of GuardDuty's control plane architecture, including external APIs, multi-language SDKs, and CloudFormation resources. Set processes and standards for API launch readiness.
    • Provided technical leadership and mentoring for multiple generations of engineers over my tenure with AWS.
    Technologies: AWS CloudFormation, Security, Amazon GuardDuty, Java, Python, TypeScript, AWS Cloud Development, Apache Spark, Scala, Ruby, Serverless, REST, APIs, Microservices, Node.js, AWS IAM, C++, AWS CloudTrail, AWS Kinesis, AWS Lambda, Elasticsearch, Application Security, Amazon CloudWatch, Amazon Simple Queue Service (SQS), AWS Simple Notification Service (AWS SNS), Amazon S3 (AWS S3), Amazon ECS (Amazon Elastic Container Service), AWS Fargate, Amazon DynamoDB, Amazon Route 53, AWS Certificate Manager, Amazon API Gateway, AWS Glue, Dagger 2, Gradle, Program Management, Technical Program Management, Compliance, Web Security, Cloud Security, Amazon EC2, Amazon Virtual Private Cloud (VPC), AWS Organizations, GRC, PCI DSS, PCI Compliance, HIPAA Compliance, GDPR, SOC Compliance, SOC 2, Web App Security, Amazon Elastic MapReduce (EMR), Threat Modeling, Secure Coding, Security Testing, Security Audits, API Design, Amazon Web Services (AWS), Serverless Architecture, Machine Learning, Software as a Service (SaaS), Linux, JavaScript, Databases, Back-end Development, Back-end, Functional Programming, DevOps, AWS DevOps, Architecture, OpenAPI, Swagger, OAuth 2, JSON, Jinja, React, HTML, CSS, REST APIs, NoSQL, Full-stack, Full-stack Development, Technical Leadership, Identity & Access Management (IAM), DevSecOps, Boto 3, Spark, Software Design, API Integration, Integration, CI/CD Pipelines, Git, Cloud Platforms, Engineering, Go, IT Security, Leadership, Requirements Analysis, Technical Project Management, Postman, Agile, Prototyping, Docker, ETL Implementation & Design, Data Modeling, Amazon CloudFront CDN, ETL
  • Lead Software Engineer

    2012 - 2016
    Cadence Design Systems
    • Developed module generators, layout-only object generators such as dummies, guard rings, and polyfills, and place and route tools for the Cadence Virtuoso GXL physical layout suite.
    • Built a system for the assisted routing of physical layout devices, which accelerates the effort of routing components while allowing physical layout engineers to customize specific routing parameters.
    • Led module generator qualification efforts on TSMC's advanced node process design kits (PDKs), for example, TSMC 16nm and 10nm, which gave customers better confidence in adopting them.
    Technologies: Electronic Design Automation (EDA), C++, Lisp, Python, Compilers, Compiler Design, Linux, Databases, Functional Programming, Architecture, JSON, HTML, CSS, Technical Leadership, Software Design, API Integration, Legacy Software, Legacy Code, Integration, Git, Engineering, Requirements Analysis, Desktop App Development, Technical Project Management, Prototyping
  • Software Development Engineer

    2007 - 2012
    Mentor Graphics (Acquired by Siemens)
    • Built compilers and automations to help the custom IC design group accelerate PDK development for the foundries' advanced technology nodes, for example, TSMC 16nm.
    • Contributed to reducing the mentor's release cycle, from 7-8 weeks down to 4-5 days, for advanced node PDKs of key foundries like TSMC and GlobalFoundries.
    • Represented Mentor Graphics in the OpenPDK Coalition, an open coalition aiming to define a set of open standards to allow an OpenPDK to be created once and then translated into specific EDA vendor tools and specific foundry formats.
    • Trained Mentor Graphics' PDK development team on using new PDK automation systems and building foundry partnerships.
    Technologies: Electronic Design Automation (EDA), C++, Python, Compilers, Compiler Design, Linux, Databases, Functional Programming, Lisp, Architecture, JSON, HTML, CSS, Technical Leadership, Software Design, API Integration, Legacy Software, Legacy Code, Integration, Engineering, Requirements Analysis, Desktop App Development, Prototyping

Experience

  • Threat Intelligence Ingestion Service

    Built GuardDuty's threat intelligence ingestion service, an extensible microservice for ingesting various in-house, third-party and open source threat-intelligence feeds for use in finding generation decision logic.

    I developed control-plane APIs to define new ingestors when new threat intelligence feeds become available. I also developed configurable ingestion components that allow for initiating ingestion requests with various parameters and authentication options, transforming responses, and dispatching results to different destinations.

    I built data-plane APIs to invoke ingestors on a schedule or as a response to some events, such as SNS notifications. I then used the control-plane APIs to define ingestors for various in-house, third-party, and open source threat-intelligence feeds required by GuardDuty.

  • AppSec Review Acceleration Program

    Led an AppSec review acceleration program within AWS GuardDuty that achieved the following results:

    • Reduced the AppSec review process timeline for new features from months to weeks.
    • Uncovered and mitigated several weaknesses in the service's security posture.
    • Worked with proactive security teams to mitigate very subtle and intricate attack vectors, including resource-level authorization, confused deputy protection, and cross-account access control.

    I provided continuous education to the GuardDuty team on authoring effective threat models, securing their infrastructure, and writing secure code. I also continuously educated the AppSec team on the security measures that govern GuardDuty's infrastructure components, AWS account settings, and DevSecOps practices.

  • Governance, Risk, and Compliance Program

    Led GuardDuty's GRC program, helping achieve compliances and building solutions and processes for continuous adherence.

    I partnered with the GRC team to understand the auditor requirements for different compliances and identify the gaps in GuardDuty's infrastructure and process security that needed to be filled to achieve each compliance. I then led a group of engineers to implement mitigations for the identified gaps.

    Within the program, I helped GuardDuty achieve several compliances, including GDPR, SOC 2, Payment Card Industry Data Security Standard (PCI DSS), HIPAA, and Federal Risk and Authorization Management Program (FedRAMP).

    I also built solutions and processes to ensure GuardDuty is continuously adhering to all its existing security compliances.

  • GuardDuty's Operations Platform

    Led the design and implementation of GuardDuty's Operations Platform, an extensible system built in Python and used by on-call rotation engineers to scale critical administrative and operational activities across GuardDuty's 28 commercial and GovCloud production regions.

Skills

  • Languages

    Python, TypeScript, Java, C++, JavaScript, Lisp, HTML, Scala, Ruby, CSS, SQL, GraphQL, Go, Python 3
  • Frameworks

    Swagger, Jinja, Apache Spark, Dagger 2, OAuth 2, JSON Web Tokens (JWT), Next.js, Spark, Flask
  • Libraries/APIs

    Node.js, OpenAPI, REST APIs, React
  • Tools

    AWS CloudFormation, AWS IAM, AWS CloudTrail, Amazon Simple Queue Service (SQS), AWS Simple Notification Service (AWS SNS), Amazon ECS (Amazon Elastic Container Service), AWS Fargate, Amazon Virtual Private Cloud (VPC), Amazon CloudWatch, Amazon Elastic MapReduce (EMR), Boto 3, Git, Postman, Amazon CloudFront CDN, AWS Glue, Gradle, Terraform
  • Paradigms

    REST, Microservices, Serverless Architecture, Functional Programming, DevOps, DevSecOps, Requirements Analysis, Desktop App Development, Agile, ETL Implementation & Design, ETL, HIPAA Compliance, Compiler Design
  • Platforms

    AWS Lambda, Amazon EC2, AWS Kinesis, Amazon Web Services (AWS), Linux, Docker, Google Cloud Platform (GCP)
  • Storage

    Amazon S3 (AWS S3), Amazon DynamoDB, Elasticsearch, Databases, JSON, NoSQL, MongoDB, PostgreSQL, MySQL
  • Industry Expertise

    IT Security, Security
  • Other

    Amazon GuardDuty, AWS Cloud Development, Amazon Route 53, AWS Certificate Manager, Amazon API Gateway, Program Management, Technical Program Management, Application Security, Web Security, Cloud Security, AWS Organizations, GRC, Compliance, Web App Security, Serverless, APIs, Threat Modeling, Secure Coding, API Design, Software as a Service (SaaS), Infrastructure as Code (IaC), Back-end Development, Back-end, AWS DevOps, Architecture, Technical Leadership, Identity & Access Management (IAM), Software Design, API Integration, Legacy Software, Legacy Code, Integration, CI/CD Pipelines, Cloud Platforms, Engineering, Prototyping, Data Modeling, PCI DSS, PCI Compliance, GDPR, SOC Compliance, SOC 2, FedRAMP, Security Testing, Security Audits, Compilers, Full-stack, Full-stack Development, Leadership, Technical Project Management, Machine Learning

Education

  • Bachelor's Degree in Electrical Engineering and Computer Science
    2001 - 2006
    Cairo University - Cairo, Egypt

Certifications

  • AWS Certified Security Specialist
    JANUARY 2022 - JANUARY 2025
    Amazon Web Services
  • Machine Learning
    DECEMBER 2014 - PRESENT
    Coursera
  • Compilers
    APRIL 2013 - PRESENT
    Coursera

To view more profiles

Join Toptal
Share it with others